EP 3087527 B1 20190807 - SYSTEM AND METHOD OF DETECTING MALICIOUS MULTIMEDIA FILES
Title (en)
SYSTEM AND METHOD OF DETECTING MALICIOUS MULTIMEDIA FILES
Title (de)
SYSTEM UND VERFAHREN ZUR ERKENNUNG BÖSARTIGER MULTIMEDIADATEIEN
Title (fr)
SYSTÈME ET PROCÉDÉ PERMETTANT DE DÉTECTER DES FICHIERS MULTIMÉDIA NÉFASTES
Publication
Application
Priority
US 2013078087 W 20131227
Abstract (en)
[origin: WO2015099780A1] Systems and methods for detection of malicious exploitations in a multimedia file are disclosed. In one embodiment, such an approach includes parsing the compiled bytecode of a multimedia file to detect identified key instructions and determine if such key instructions are repeated in specific patterns that signify the presence of malicious exploitation. The approach may also include examining the contents of the constant pool table in a compiled multimedia file to detect specific shellcode strings that are indicative of presence of malicious exploitation. When the bytecode or the constant pool table indicates that malicious exploitation is present, an approach may be utilized to reduce instances of false positive identification of malicious exploitation.
IPC 8 full level
G06F 21/56 (2013.01); H04L 29/06 (2006.01)
CPC (source: EP US)
G06F 16/152 (2018.12 - EP US); G06F 16/435 (2018.12 - EP US); G06F 16/951 (2018.12 - EP US); G06F 21/56 (2013.01 - EP US); G06F 21/562 (2013.01 - EP US); H04L 63/1416 (2013.01 - US); H04L 69/16 (2013.01 - US)
Designated contracting state (EPC)
AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR
DOCDB simple family (publication)
WO 2015099780 A1 20150702; CN 105793864 A 20160720; EP 3087527 A1 20161102; EP 3087527 A4 20170719; EP 3087527 B1 20190807; JP 2017500668 A 20170105; JP 6306191 B2 20180404; US 10356108 B2 20190716; US 2017026392 A1 20170126
DOCDB simple family (application)
US 2013078087 W 20131227; CN 201380081284 A 20131227; EP 13900103 A 20131227; JP 2016542911 A 20131227; US 201315039761 A 20131227